CISA Known Exploited Vulnerability Catalog January 2023
For a detailed CISA’s KEV Catalog, download the pdf file here
Summary
For a detailed CISA’s KEV Catalog, download the pdf file here
The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: have a Common Vulnerabilities and Exposures (CVE) ID, reliable evidence of active exploitation, and a clear remediation action such as a vendor-provided update. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce the likelihood of compromise by threat actors. In January 2023, five vulnerabilities met the criteria for inclusion in the CISA’s KEV catalog.